PrivacyCon 2022 is a day-long virtual event November 1, 2022 that will include traditional discussion panels, research talks and demos, and Q&A. Session topics will be based on staff input and the research we receive. FTC staff will moderate the sessions.
Scope of Research
For PrivacyCon 2022 we are seeking empirical research and demonstrations on consumer privacy and data security, including rigorous economic analyses, social science research, and law and policy articles that include an empirical or applied focus. As described below, we are interested in research related to automated decision-making systems, commercial surveillance, and other consumer privacy and security concerns:
Focus topic 1: Automated Decision-making Systems
Algorithmic Bias and Ensuring Fairness in Algorithmic Use. Fairness engineering methods and bias evaluations of machine learning models are rapidly being incorporated into AI “auditing” frameworks and evaluations. Do auditing methods adequately assess algorithmic bias and fairness? What metrics are reliable for evaluating and effectively addressing unlawful algorithmic bias?
- Information Management and Data Provenance. Issues relating to data quality, secondary use, the overcollection of data, and extended retention of data have become increasingly salient to conversations around implementations of AI technology. What methods are most appropriate for addressing these concerns? Are these concerns more pronounced in certain contexts or applications? What are best practices for ensuring greater transparency regarding data provenance?
- AI Validation, Explainability and Benchmarking. What is the current state of auditing as an industry and in research practices? What would best practices for validating, benchmarking, and evaluating AI systems look like? What is the efficacy of audits as an accountability mechanism? What, if any, impediments exist that can limit or hinder one’s ability to employ best practices?
- Impact of Automated Decision-making on Underserved Consumers. What are the best approaches for identifying intersectional privacy and security harms related to automated decision-making (i.e., harms that affect or are more pronounced amongst individuals or communities that experience more than one form of marginalization or have multiple protected statuses)? What are the best approaches for researching and addressing the harmful effects of automated decision-making on marginalized, underserved, or protected status individuals or communities?
Focus topic 2: Commercial Surveillance
- Workplace Monitoring and Algorithmic Management. In the shift to remote work environments a growing number of employers increased their use of worker monitoring and algorithmic management technologies. What are the implications of the increased use of these tools? How did the shift to remote work impact the privacy and security of consumers?
- Advertising Ecosystem and Surveillance Advertising. On which practices do companies rely to obtain personal consumer data? Are companies using this consumer data to manipulate consumer behavior? What harms do consumers experience due to the collection of their personal data for advertising purposes? What benefits can consumers realize from the collection of their personal data? Do the online advertising ecosystem and related business models that rely on the monetization of consumer data incentivize new consumer surveillance practices, and if so, what are those practices and what effect do these practices have on consumer privacy and security?
- Biometric Surveillance. As biometrics are being implemented in both public and private sector contexts they have profound implications for consumer privacy and data security. A range of privacy issues may be exacerbated by emerging technologies (such as new types of smart devices, and virtual and augmented reality). In particular, biometric data collecting technologies and systems introduce complexities around accuracy, where increased technical accuracy can translate into more invasive forms of consumer surveillance. How are consumers impacted by public and private sector uses of biometric technologies? How should regulators think about and evaluate accuracy concerns? How are competition and consumer protection concerns implicated – jointly and separately – by the use of biometrics?
General research topics
In addition to presentations on commercial surveillance and automated decision-making systems, PrivacyCon 2022 will accept research submissions on broader consumer privacy and security issues, with a particular interest in the following areas:
- Exploring Novel Remedies and Approaches Aimed at Improving Privacy and Security Practices to Help Consumers (e.g., Algorithmic Deletion, Mandated Data Practices)
- Short- and Long-Term Impacts of Mergers and Acquisitions on Privacy and Security Practices
- Privacy and Security Protection of Underserved Communities
- Child and Teen Privacy Risks, Harms, and Vulnerabilities
- Effectiveness of Consumer Privacy and Security Disclosures, Defaults, Choice Architecture, User Interfaces and Other Approaches to Affecting Consumer Access and Control Over Information
- Consumer Behavior Related to Privacy and Security Risks and Commercial Influences on Consumer Behavior regarding Privacy and Security (e.g., Dark Patterns)
- Data Governance and Information Security Practices to Prevent Data Breaches
- Effects of Government Regulation and Interventions
Selection Criteria and Review Process
- Presentations may concern research that has been prepared for, previously presented at, or is under consideration for inclusion in other conferences or publications.
- Requests must be from researchers to present their own research, completed after January 1, 2021.
- Requests to make presentations that are substantially promotional or commercial in nature will not be granted.
- Research exposing a previously unknown security or privacy vulnerability in a specific product or service will only be accepted if it has been responsibly disclosed to the affected entity and that entity has been given time to resolve the issue. Such requests must be submitted only through the Accellion secure file web form described below and must be accompanied by: (1) a request for confidential treatment of research, and (2) a statement describing how you responsibly disclosed the vulnerability to the entity responsible for the affected product or service.
- Requests will be granted at FTC staff’s sole discretion, based upon an assessment of the quality of the submissions, the relevance of the submissions to the FTC’s work, and the need to cover a diverse range of topics representing a variety of viewpoints.
- FTC Staff will make every effort to notify all researchers by September 23, 2022, whether they have been selected to present at PrivacyCon .
The deadline for submission is July 29, 2022.
As part of your submission through the web-based form, you must include the following information:
- First and last name, email address, phone number, job title, and affiliation of researcher(s) making the request;
- A single point of contact for communications with FTC staff;
- The area of research;
- The title of the research you propose to present along with a maximum one-page abstract summarizing your methodology, findings, and how your research differs from prior research in this area;
- Up to five keywords that characterize your research;
- Publication details for any research that has been previously published or accepted for publication;
- Any sources of funding for your research;
- Your completed or draft research paper or extended abstract (please note all final papers must be received PRIOR to the July 29, 2022 submission deadline);
- Any additional information you would like to share (optional); and
- Whether you would like your submission to be kept confidential. Your confidentiality request must identify the specific portions of your submission for which confidential treatment is being requested, and the legal or factual basis for your request. See Commission Rule 4.9(c). If the General Counsel grants your request for confidential treatment, your submission will not be made publicly available, except as required by law. If you do not request confidential treatment of your submission, it may be placed on the FTC’s public record of this matter at www.ftc.gov, including the name and state of the submitter. (The FTC will make reasonable efforts to redact any personal e-mail or home address, phone numbers, or other personal contact information before placing a submission on the public record.
We invite you to send questions to PrivacyCon@ftc.gov.
If You Are Selected to Present*
- If your request is granted, you must confirm by September 30, 2022 (or one week following notification of acceptance), that you will present your research at PrivacyCon 2022 during the presentation slot offered to you. If you do not confirm by this date, FTC staff may offer your slot to someone else.
- You must make yourself available for pre-conference planning calls with FTC staff and discussants.
- You must submit all presentation materials (e.g., slides, if you plan to use them) to the FTC by October 12, 2022.
*NOTE: The FTC does not offer compensation of any kind to presenters or participants in its conferences. In addition, PrivacyCon, including all presentations, will be available to the public via a live-stream and on the FTC’s website in archived video and transcript form.
If You Are Not Selected to Present
We recognize that we likely will receive more high-quality requests to present research than we have available slots to present research at PrivacyCon. If you are not selected for participation, we may still request permission to post relevant research submissions to our public event website.
Research Completed After PrivacyCon
The FTC welcomes privacy and data security researchers to inform us of their latest findings, especially as it relates to technology that impacts the privacy and security of consumers’ personal information. The dialogue between researchers and policymakers must continue after the PrivacyCon event. We invite you to send in your research to firstname.lastname@example.org if you are interested in discussing your research with us or have further questions.